cvelistv5 - CVE-2008-2936

CVE-2008-2936 (GCVE-0-2008-2936)

Vulnerability from cvelistv5 – Published: 2008-08-18 19:00 – Updated: 2024-08-07 09:21

Summary

Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	ftp://ftp.porcupine.org/mirrors/postfix-release/o…	x_refsource_CONFIRM
	http://secunia.com/advisories/32231	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/31469	third-party-advisoryx_refsource_SECUNIA
	ftp://ftp.porcupine.org/mirrors/postfix-release/o…	x_refsource_CONFIRM
	http://www.debian.org/security/2008/dsa-1629	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/31530	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	https://issues.rpath.com/browse/RPL-2689	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1020700	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/495632/100…	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/938323	third-party-advisoryx_refsource_CERT-VN
	http://article.gmane.org/gmane.mail.postfix.annou…	mailing-listx_refsource_MLIST
	http://securityreason.com/securityalert/4160	third-party-advisoryx_refsource_SREASON
	http://www.securityfocus.com/bid/30691	vdb-entryx_refsource_BID
	http://wiki.rpath.com/Advisories:rPSA-2008-0259	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/31474	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/495882/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	ftp://ftp.porcupine.org/mirrors/postfix-release/o…	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/6337	exploitx_refsource_EXPLOIT-DB
	http://www.redhat.com/support/errata/RHSA-2008-08…	vendor-advisoryx_refsource_REDHAT
	ftp://ftp.porcupine.org/mirrors/postfix-release/e…	x_refsource_CONFIRM
	http://secunia.com/advisories/31500	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/31477	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/31485	third-party-advisoryx_refsource_SECUNIA
	https://usn.ubuntu.com/636-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/495474/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/2385	vdb-entryx_refsource_VUPEN
	http://security.gentoo.org/glsa/glsa-200808-12.xml	vendor-advisoryx_refsource_GENTOO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2008-8595",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
          },
          {
            "name": "32231",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32231"
          },
          {
            "name": "31469",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31469"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
          },
          {
            "name": "DSA-1629",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1629"
          },
          {
            "name": "31530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31530"
          },
          {
            "name": "FEDORA-2008-8593",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2689"
          },
          {
            "name": "1020700",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020700"
          },
          {
            "name": "20080821 rPSA-2008-0259-1 postfix",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
          },
          {
            "name": "VU#938323",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/938323"
          },
          {
            "name": "[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
          },
          {
            "name": "4160",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4160"
          },
          {
            "name": "30691",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30691"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
          },
          {
            "name": "SUSE-SA:2008:040",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
          },
          {
            "name": "31474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31474"
          },
          {
            "name": "20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
          },
          {
            "name": "postfix-symlink-code-execution(44460)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
          },
          {
            "name": "6337",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6337"
          },
          {
            "name": "RHSA-2008:0839",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
          },
          {
            "name": "31500",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31500"
          },
          {
            "name": "oval:org.mitre.oval:def:10033",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
          },
          {
            "name": "31477",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31477"
          },
          {
            "name": "31485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31485"
          },
          {
            "name": "USN-636-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/636-1/"
          },
          {
            "name": "MDVSA-2008:171",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
          },
          {
            "name": "20080814 Postfix local privilege escalation via hardlinked symlinks",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
          },
          {
            "name": "ADV-2008-2385",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2385"
          },
          {
            "name": "GLSA-200808-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2008-8595",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
        },
        {
          "name": "32231",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32231"
        },
        {
          "name": "31469",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31469"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
        },
        {
          "name": "DSA-1629",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1629"
        },
        {
          "name": "31530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31530"
        },
        {
          "name": "FEDORA-2008-8593",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2689"
        },
        {
          "name": "1020700",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020700"
        },
        {
          "name": "20080821 rPSA-2008-0259-1 postfix",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
        },
        {
          "name": "VU#938323",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/938323"
        },
        {
          "name": "[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
        },
        {
          "name": "4160",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4160"
        },
        {
          "name": "30691",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30691"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
        },
        {
          "name": "SUSE-SA:2008:040",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
        },
        {
          "name": "31474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31474"
        },
        {
          "name": "20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
        },
        {
          "name": "postfix-symlink-code-execution(44460)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
        },
        {
          "name": "6337",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6337"
        },
        {
          "name": "RHSA-2008:0839",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
        },
        {
          "name": "31500",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31500"
        },
        {
          "name": "oval:org.mitre.oval:def:10033",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
        },
        {
          "name": "31477",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31477"
        },
        {
          "name": "31485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31485"
        },
        {
          "name": "USN-636-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/636-1/"
        },
        {
          "name": "MDVSA-2008:171",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
        },
        {
          "name": "20080814 Postfix local privilege escalation via hardlinked symlinks",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
        },
        {
          "name": "ADV-2008-2385",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2385"
        },
        {
          "name": "GLSA-200808-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-2936",
    "datePublished": "2008-08-18T19:00:00",
    "dateReserved": "2008-06-30T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F08A3C19-AEB6-4E0C-A41D-01024DC0A25D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAE8A81E-3856-4908-B7B7-9CF511CA2A21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B935272-1EC7-4C70-8299-9DC7594809EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1647690F-D015-4DC4-9FB7-F5E9F0C430D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A814997B-A612-493F-AA85-BA5A187A91FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"449E9764-54F4-46F9-9E4D-F2C96EC5F37E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF4A15A5-0994-4A3B-B4CD-1C5D9F411FDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E3FB858-1B20-450B-9181-A1FE1C2B9DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6BBD449-6F03-4EFE-8C87-B5014F0381F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEBD42EA-B31E-4E37-BF28-FEBB18369A18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B92BCC42-6E9F-44CB-A755-004B6DBD9D41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B67A4AE-2C1C-49D6-9F53-05CAB51273E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A64D948-9441-492F-B9E5-DE5D5A3D7266\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D7BCB67-AF9E-4343-827B-D783C71BAF46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"265AD494-E5EB-423B-9C20-62BCB1C3B9B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2138A68-3F3D-4C7E-9FEB-2C8A445F2789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"790C02A8-95DD-42BE-8A1C-1C6D6DDCC443\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A0034F2-585D-4A98-8428-996A726712DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B162B5-DEF5-46AD-87D1-734B3B637D46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DF3730A-0FFD-4C23-B758-BBA67CC9CD92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10E8E5E2-5674-40D5-AD86-8C4DDB442EE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"690EDC73-47B5-4891-86A5-37B6ED80E145\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA31260C-1C67-4E76-9F56-2359BFA0B197\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1DE90BD-B5F9-4762-B086-130AB04F3CB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCD5258B-C9DE-47BD-9172-27618F220201\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5B3F710-13EF-4A36-B191-E0FCC1D98E23\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.\"}, {\"lang\": \"es\", \"value\": \"Postfix antes de 2.3.15, 2.4 anterior a 2.4.8, 2.5 anterior a 2.5.4 y 2.6 antes de 2.6-20080814, cuando el sistema operativo admite enlaces duros (hard links) a enlaces simb\\u00f3licos, permite a usuarios locales a\\u00f1adir mensajes de correo a un archivo al que apunta un enlace simb\\u00f3lico propiedad de root, creando un enlace duro a este enlace simb\\u00f3lico y enviando un mensaje despu\\u00e9s. NOTA: esto puede ser utilizado para obtener privilegios si hay un enlace simb\\u00f3lico a un script init.\"}]",
      "evaluatorComment": "Please refer to the following links for additional version information (vendor release notes):\r\n\r\n\r\nPostfix 2.3 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.3.15.RELEASE_NOTES\r\n\r\nPostfix 2.4 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.4.8.RELEASE_NOTES\r\n\r\nPostfix 2.5 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.5.4.RELEASE_NOTES\r\n\r\nPostfix 2.6 - ftp://mirrors.loonybin.net/pub/postfix/experimental/postfix-2.6-20080814.RELEASE_NOTES",
      "id": "CVE-2008-2936",
      "lastModified": "2024-11-21T00:48:03.190",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 1.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-08-18T19:41:00.000",
      "references": "[{\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://article.gmane.org/gmane.mail.postfix.announce/110\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/31469\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/31474\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/31477\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/31485\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31500\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31530\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/32231\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200808-12.xml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securityreason.com/securityalert/4160\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2008-0259\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1629\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/938323\", \"source\": \"secalert@redhat.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:171\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0839.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495474/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495632/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495882/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/30691\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020700\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2385\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/44460\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2689\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://usn.ubuntu.com/636-1/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.exploit-db.com/exploits/6337\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://article.gmane.org/gmane.mail.postfix.announce/110\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31469\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31474\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31477\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31485\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31500\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31530\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/32231\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200808-12.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/4160\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2008-0259\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1629\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/938323\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:171\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0839.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495474/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495632/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/495882/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/30691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020700\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2385\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/44460\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2689\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/636-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/6337\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2936\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-08-18T19:41:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.\"},{\"lang\":\"es\",\"value\":\"Postfix antes de 2.3.15, 2.4 anterior a 2.4.8, 2.5 anterior a 2.5.4 y 2.6 antes de 2.6-20080814, cuando el sistema operativo admite enlaces duros (hard links) a enlaces simb\u00f3licos, permite a usuarios locales a\u00f1adir mensajes de correo a un archivo al que apunta un enlace simb\u00f3lico propiedad de root, creando un enlace duro a este enlace simb\u00f3lico y enviando un mensaje despu\u00e9s. NOTA: esto puede ser utilizado para obtener privilegios si hay un enlace simb\u00f3lico a un script init.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F08A3C19-AEB6-4E0C-A41D-01024DC0A25D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAE8A81E-3856-4908-B7B7-9CF511CA2A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B935272-1EC7-4C70-8299-9DC7594809EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1647690F-D015-4DC4-9FB7-F5E9F0C430D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A814997B-A612-493F-AA85-BA5A187A91FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"449E9764-54F4-46F9-9E4D-F2C96EC5F37E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF4A15A5-0994-4A3B-B4CD-1C5D9F411FDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E3FB858-1B20-450B-9181-A1FE1C2B9DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6BBD449-6F03-4EFE-8C87-B5014F0381F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBD42EA-B31E-4E37-BF28-FEBB18369A18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B92BCC42-6E9F-44CB-A755-004B6DBD9D41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B67A4AE-2C1C-49D6-9F53-05CAB51273E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A64D948-9441-492F-B9E5-DE5D5A3D7266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D7BCB67-AF9E-4343-827B-D783C71BAF46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"265AD494-E5EB-423B-9C20-62BCB1C3B9B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2138A68-3F3D-4C7E-9FEB-2C8A445F2789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"790C02A8-95DD-42BE-8A1C-1C6D6DDCC443\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A0034F2-585D-4A98-8428-996A726712DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B162B5-DEF5-46AD-87D1-734B3B637D46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF3730A-0FFD-4C23-B758-BBA67CC9CD92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10E8E5E2-5674-40D5-AD86-8C4DDB442EE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"690EDC73-47B5-4891-86A5-37B6ED80E145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA31260C-1C67-4E76-9F56-2359BFA0B197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1DE90BD-B5F9-4762-B086-130AB04F3CB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCD5258B-C9DE-47BD-9172-27618F220201\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5B3F710-13EF-4A36-B191-E0FCC1D98E23\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://article.gmane.org/gmane.mail.postfix.announce/110\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31469\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31474\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31477\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31485\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31500\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31530\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/32231\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200808-12.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securityreason.com/securityalert/4160\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2008-0259\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1629\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/938323\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:171\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0839.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/495474/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/495632/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/495882/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/30691\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020700\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2385\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44460\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2689\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/636-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.exploit-db.com/exploits/6337\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://article.gmane.org/gmane.mail.postfix.announce/110\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31500\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32231\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200808-12.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/4160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2008-0259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/938323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0839.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/495474/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/495632/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/495882/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/30691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020700\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2385\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2689\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/636-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/6337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Please refer to the following links for additional version information (vendor release notes):\\r\\n\\r\\n\\r\\nPostfix 2.3 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.3.15.RELEASE_NOTES\\r\\n\\r\\nPostfix 2.4 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.4.8.RELEASE_NOTES\\r\\n\\r\\nPostfix 2.5 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.5.4.RELEASE_NOTES\\r\\n\\r\\nPostfix 2.6 - ftp://mirrors.loonybin.net/pub/postfix/experimental/postfix-2.6-20080814.RELEASE_NOTES\"}}"
  }
}

GHSA-8739-VXJM-M9P4

Vulnerability from github – Published: 2022-05-03 03:19 – Updated: 2022-05-03 03:19

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2936"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-08-18T19:41:00Z",
    "severity": "MODERATE"
  },
  "details": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.",
  "id": "GHSA-8739-vxjm-m9p4",
  "modified": "2022-05-03T03:19:19Z",
  "published": "2022-05-03T03:19:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2936"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-2689"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/636-1"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/6337"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
    },
    {
      "type": "WEB",
      "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31469"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31474"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31477"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31485"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31500"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31530"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32231"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4160"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1629"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/938323"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30691"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020700"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2385"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-AVI-420

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans Postfix permettent à un utilisateur malveillant d'élever ses privilèges et de porter atteinte à l'intégrité et à la confidentialité de données.

Description

Le support des liens sur certains systèmes d'exploitation permet à un utilisateur malveillant de modifier des fichiers ne lui appartenant pas ou d'élever ses privilèges par la construction de liens et l'envoi de messages.

Un défaut de vérification des droits sur les boîtes aux lettres permet à un utilisateur malintentionné de lire des courriels qui ne lui sont pas destinés.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Postfix dans les version suivantes :

branche 2.3, avant la version 2.3.15 ;
branche 2.4, avant la version 2.4.8 ;
branche 2.5, avant la version 2.5.4 ;
branche 2.6, avant la version 2.6-20080814.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

CVE-2008-2936 et CVE-2008-2937	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2008:0839 du 14 août 2008 :	-	other
Bulletin de sécurité Gentoo GLSA-200808-12 du 14 août 2008 :	-	other
Bulletin de sécurité OpenSuse SUSE-SA:2008:040 du 14 août 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePostfix dans les version suivantes :  \u003cUL\u003e    \u003cLI\u003ebranche 2.3, avant la version 2.3.15 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.4, avant la version 2.4.8 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.5, avant la version 2.5.4 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.6, avant la version 2.6-20080814.\u003c/LI\u003e  \u003c/UL\u003e\u003c/p\u003e",
  "content": "## Description\n\nLe support des liens sur certains syst\u00e8mes d\u0027exploitation permet \u00e0 un\nutilisateur malveillant de modifier des fichiers ne lui appartenant pas\nou d\u0027\u00e9lever ses privil\u00e8ges par la construction de liens et l\u0027envoi de\nmessages.\n\nUn d\u00e9faut de v\u00e9rification des droits sur les bo\u00eetes aux lettres permet \u00e0\nun utilisateur malintentionn\u00e9 de lire des courriels qui ne lui sont pas\ndestin\u00e9s.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2008-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2936"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0839 du 14 ao\u00fbt 2008    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0839.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200808-12 du 14 ao\u00fbt 2008    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 OpenSuse SUSE-SA:2008:040 du 14 ao\u00fbt    2008 :",
      "url": "http://lists.opensuse-security-announce/2008-08/msg00002.html"
    }
  ],
  "reference": "CERTA-2008-AVI-420",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-08-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans Postfix permettent \u00e0 un utilisateur malveillant\nd\u0027\u00e9lever ses privil\u00e8ges et de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentialit\u00e9 de donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Postfix",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "CVE-2008-2936 et CVE-2008-2937",
      "url": null
    }
  ]
}

CERTA-2008-AVI-420

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans Postfix permettent à un utilisateur malveillant d'élever ses privilèges et de porter atteinte à l'intégrité et à la confidentialité de données.

Description

Un défaut de vérification des droits sur les boîtes aux lettres permet à un utilisateur malintentionné de lire des courriels qui ne lui sont pas destinés.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Postfix dans les version suivantes :

branche 2.3, avant la version 2.3.15 ;
branche 2.4, avant la version 2.4.8 ;
branche 2.5, avant la version 2.5.4 ;
branche 2.6, avant la version 2.6-20080814.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

CVE-2008-2936 et CVE-2008-2937	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2008:0839 du 14 août 2008 :	-	other
Bulletin de sécurité Gentoo GLSA-200808-12 du 14 août 2008 :	-	other
Bulletin de sécurité OpenSuse SUSE-SA:2008:040 du 14 août 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePostfix dans les version suivantes :  \u003cUL\u003e    \u003cLI\u003ebranche 2.3, avant la version 2.3.15 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.4, avant la version 2.4.8 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.5, avant la version 2.5.4 ;\u003c/LI\u003e    \u003cLI\u003ebranche 2.6, avant la version 2.6-20080814.\u003c/LI\u003e  \u003c/UL\u003e\u003c/p\u003e",
  "content": "## Description\n\nLe support des liens sur certains syst\u00e8mes d\u0027exploitation permet \u00e0 un\nutilisateur malveillant de modifier des fichiers ne lui appartenant pas\nou d\u0027\u00e9lever ses privil\u00e8ges par la construction de liens et l\u0027envoi de\nmessages.\n\nUn d\u00e9faut de v\u00e9rification des droits sur les bo\u00eetes aux lettres permet \u00e0\nun utilisateur malintentionn\u00e9 de lire des courriels qui ne lui sont pas\ndestin\u00e9s.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2008-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2936"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0839 du 14 ao\u00fbt 2008    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0839.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200808-12 du 14 ao\u00fbt 2008    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 OpenSuse SUSE-SA:2008:040 du 14 ao\u00fbt    2008 :",
      "url": "http://lists.opensuse-security-announce/2008-08/msg00002.html"
    }
  ],
  "reference": "CERTA-2008-AVI-420",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-08-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans Postfix permettent \u00e0 un utilisateur malveillant\nd\u0027\u00e9lever ses privil\u00e8ges et de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentialit\u00e9 de donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Postfix",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "CVE-2008-2936 et CVE-2008-2937",
      "url": null
    }
  ]
}

GSD-2008-2936

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-2936

Aliases

CVE-2008-2936

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2936",
    "description": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.",
    "id": "GSD-2008-2936",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-2936.html",
      "https://www.debian.org/security/2008/dsa-1629",
      "https://access.redhat.com/errata/RHSA-2008:0839",
      "https://linux.oracle.com/cve/CVE-2008-2936.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2936"
      ],
      "details": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.",
      "id": "GSD-2008-2936",
      "modified": "2023-12-13T01:23:00.428239Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-2936",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY",
            "refsource": "MISC",
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
          },
          {
            "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY",
            "refsource": "MISC",
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
          },
          {
            "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY",
            "refsource": "MISC",
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
          },
          {
            "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY",
            "refsource": "MISC",
            "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
          },
          {
            "name": "http://article.gmane.org/gmane.mail.postfix.announce/110",
            "refsource": "MISC",
            "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
          },
          {
            "name": "http://secunia.com/advisories/31469",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31469"
          },
          {
            "name": "http://secunia.com/advisories/31474",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31474"
          },
          {
            "name": "http://secunia.com/advisories/31477",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31477"
          },
          {
            "name": "http://secunia.com/advisories/31485",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31485"
          },
          {
            "name": "http://secunia.com/advisories/31500",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31500"
          },
          {
            "name": "http://secunia.com/advisories/31530",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31530"
          },
          {
            "name": "http://secunia.com/advisories/32231",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32231"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200808-12.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
          },
          {
            "name": "http://securityreason.com/securityalert/4160",
            "refsource": "MISC",
            "url": "http://securityreason.com/securityalert/4160"
          },
          {
            "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0259",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1629",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1629"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/938323",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/938323"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0839.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/495474/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/495632/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/495882/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/30691",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/30691"
          },
          {
            "name": "http://www.securitytracker.com/id?1020700",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1020700"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/2385",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/2385"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-2689",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-2689"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
          },
          {
            "name": "https://usn.ubuntu.com/636-1/",
            "refsource": "MISC",
            "url": "https://usn.ubuntu.com/636-1/"
          },
          {
            "name": "https://www.exploit-db.com/exploits/6337",
            "refsource": "MISC",
            "url": "https://www.exploit-db.com/exploits/6337"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-2936"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
            },
            {
              "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
            },
            {
              "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
            },
            {
              "name": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
            },
            {
              "name": "SUSE-SA:2008:040",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
            },
            {
              "name": "30691",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/30691"
            },
            {
              "name": "31485",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31485"
            },
            {
              "name": "31500",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31500"
            },
            {
              "name": "VU#938323",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/938323"
            },
            {
              "name": "1020700",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020700"
            },
            {
              "name": "GLSA-200808-12",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
            },
            {
              "name": "31469",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31469"
            },
            {
              "name": "RHSA-2008:0839",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
            },
            {
              "name": "[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
            },
            {
              "name": "31477",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31477"
            },
            {
              "name": "MDVSA-2008:171",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
            },
            {
              "name": "DSA-1629",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1629"
            },
            {
              "name": "31530",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31530"
            },
            {
              "name": "31474",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31474"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2689",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-2689"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0259",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
            },
            {
              "name": "4160",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/4160"
            },
            {
              "name": "32231",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32231"
            },
            {
              "name": "FEDORA-2008-8593",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
            },
            {
              "name": "FEDORA-2008-8595",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
            },
            {
              "name": "ADV-2008-2385",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/2385"
            },
            {
              "name": "postfix-symlink-code-execution(44460)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
            },
            {
              "name": "6337",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/6337"
            },
            {
              "name": "oval:org.mitre.oval:def:10033",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
            },
            {
              "name": "USN-636-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/636-1/"
            },
            {
              "name": "20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
            },
            {
              "name": "20080821 rPSA-2008-0259-1 postfix",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
            },
            {
              "name": "20080814 Postfix local privilege escalation via hardlinked symlinks",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T02:19Z",
      "publishedDate": "2008-08-18T19:41Z"
    }
  }
}

RHSA-2008_0839

Vulnerability from csaf_redhat - Published: 2008-08-14 19:31 - Updated: 2024-11-22 02:11

Summary

Red Hat Security Advisory: postfix security update

Notes

Topic

Updated postfix packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), and TLS. A flaw was found in the way Postfix dereferences symbolic links. If a local user has write access to a mail spool directory with no root mailbox, it may be possible for them to append arbitrary data to files that root has write permission to. (CVE-2008-2936) Red Hat would like to thank Sebastian Krahmer for responsibly disclosing this issue. All users of postfix should upgrade to these updated packages, which contain a backported patch that resolves this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated postfix packages that fix a security issue are now available for\nRed Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),\nand TLS.\n\nA flaw was found in the way Postfix dereferences symbolic links. If a local\nuser has write access to a mail spool directory with no root mailbox, it\nmay be possible for them to append arbitrary data to files that root has\nwrite permission to. (CVE-2008-2936)\n\nRed Hat would like to thank Sebastian Krahmer for responsibly disclosing\nthis issue.\n\nAll users of postfix should upgrade to these updated packages, which\ncontain a backported patch that resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0839",
        "url": "https://access.redhat.com/errata/RHSA-2008:0839"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "456314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456314"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0839.json"
      }
    ],
    "title": "Red Hat Security Advisory: postfix security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:11:52+00:00",
      "generator": {
        "date": "2024-11-22T02:11:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2008:0839",
      "initial_release_date": "2008-08-14T19:31:00+00:00",
      "revision_history": [
        {
          "date": "2008-08-14T19:31:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-08-14T15:34:55+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:11:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3",
                  "product_id": "3AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3",
                "product": {
                  "name": "Red Hat Desktop version 3",
                  "product_id": "3Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3",
                  "product_id": "3ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3",
                  "product_id": "3WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.i386",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.i386",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.src",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.src",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.src",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.src",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.src",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.src",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=src\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.s390",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.s390",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.src"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.src"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Sebastian Krahmer"
          ]
        }
      ],
      "cve": "CVE-2008-2936",
      "discovery_date": "2008-07-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "456314"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postfix privilege escalation flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.src",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.src",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.src",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "5Client:postfix-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-2:2.3.3-2.1.el5_2.src",
          "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-2:2.3.3-2.1.el5_2.src",
          "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2936"
        },
        {
          "category": "external",
          "summary": "RHBZ#456314",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456314"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2936",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2936"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2936",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2936"
        }
      ],
      "release_date": "2008-08-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-08-14T19:31:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.src",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.src",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.src",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "5Client:postfix-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-2:2.3.3-2.1.el5_2.src",
            "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-2:2.3.3-2.1.el5_2.src",
            "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0839"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postfix privilege escalation flaw"
    }
  ]
}

RHSA-2008:0839

Vulnerability from csaf_redhat - Published: 2008-08-14 19:31 - Updated: 2025-11-21 17:33

Summary

Red Hat Security Advisory: postfix security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated postfix packages that fix a security issue are now available for\nRed Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),\nand TLS.\n\nA flaw was found in the way Postfix dereferences symbolic links. If a local\nuser has write access to a mail spool directory with no root mailbox, it\nmay be possible for them to append arbitrary data to files that root has\nwrite permission to. (CVE-2008-2936)\n\nRed Hat would like to thank Sebastian Krahmer for responsibly disclosing\nthis issue.\n\nAll users of postfix should upgrade to these updated packages, which\ncontain a backported patch that resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0839",
        "url": "https://access.redhat.com/errata/RHSA-2008:0839"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "456314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456314"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0839.json"
      }
    ],
    "title": "Red Hat Security Advisory: postfix security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:33:46+00:00",
      "generator": {
        "date": "2025-11-21T17:33:46+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0839",
      "initial_release_date": "2008-08-14T19:31:00+00:00",
      "revision_history": [
        {
          "date": "2008-08-14T19:31:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-08-14T15:34:55+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:33:46+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3",
                  "product_id": "3AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3",
                "product": {
                  "name": "Red Hat Desktop version 3",
                  "product_id": "3Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3",
                  "product_id": "3ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3",
                  "product_id": "3WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=x86_64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.i386",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.i386",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.i386",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.i386",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=i386\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.src",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.src",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.src",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.src",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.src",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.src",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=src\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.ia64",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.ia64",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=ia64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.ppc",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.ppc",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=ppc\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.3.3-2.1.el5_2.s390x",
                "product": {
                  "name": "postfix-2:2.3.3-2.1.el5_2.s390x",
                  "product_id": "postfix-2:2.3.3-2.1.el5_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.3.3-2.1.el5_2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=s390x\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                "product": {
                  "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                  "product_id": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.0.16-14.1.RHEL3?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.0.16-14.1.RHEL3.s390",
                "product": {
                  "name": "postfix-2:2.0.16-14.1.RHEL3.s390",
                  "product_id": "postfix-2:2.0.16-14.1.RHEL3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.0.16-14.1.RHEL3?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-debuginfo@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                "product": {
                  "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                  "product_id": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/postfix-pflogsumm@2.2.10-1.2.1.el4_7?arch=s390\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.src as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.src"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.src",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.src"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.src"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.src"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        },
        "product_reference": "postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Sebastian Krahmer"
          ]
        }
      ],
      "cve": "CVE-2008-2936",
      "discovery_date": "2008-07-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "456314"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postfix privilege escalation flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.src",
          "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src",
          "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.src",
          "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.i386",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.s390",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.src",
          "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
          "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.src",
          "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
          "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
          "5Client:postfix-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-2:2.3.3-2.1.el5_2.src",
          "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
          "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-2:2.3.3-2.1.el5_2.src",
          "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
          "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2936"
        },
        {
          "category": "external",
          "summary": "RHBZ#456314",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456314"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2936",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2936"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2936",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2936"
        }
      ],
      "release_date": "2008-08-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-08-14T19:31:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.src",
            "3AS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3AS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.src",
            "3Desktop:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3Desktop:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.src",
            "3ES:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3ES:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.i386",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.ia64",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.ppc",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.s390",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.s390x",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.src",
            "3WS:postfix-2:2.0.16-14.1.RHEL3.x86_64",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.i386",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ia64",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.ppc",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.s390x",
            "3WS:postfix-debuginfo-2:2.0.16-14.1.RHEL3.x86_64",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4AS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4AS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4Desktop:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4Desktop:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4ES:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4ES:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.src",
            "4WS:postfix-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-debuginfo-2:2.2.10-1.2.1.el4_7.x86_64",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.i386",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ia64",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.ppc",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.s390x",
            "4WS:postfix-pflogsumm-2:2.2.10-1.2.1.el4_7.x86_64",
            "5Client:postfix-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-2:2.3.3-2.1.el5_2.src",
            "5Client:postfix-2:2.3.3-2.1.el5_2.x86_64",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
            "5Client:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-2:2.3.3-2.1.el5_2.src",
            "5Server:postfix-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-debuginfo-2:2.3.3-2.1.el5_2.x86_64",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.i386",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ia64",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.ppc",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.s390x",
            "5Server:postfix-pflogsumm-2:2.3.3-2.1.el5_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0839"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postfix privilege escalation flaw"
    }
  ]
}

FKIE_CVE-2008-2936

Vulnerability from fkie_nvd - Published: 2008-08-18 19:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY
secalert@redhat.com	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY
secalert@redhat.com	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY
secalert@redhat.com	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY
secalert@redhat.com	http://article.gmane.org/gmane.mail.postfix.announce/110
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html
secalert@redhat.com	http://secunia.com/advisories/31469
secalert@redhat.com	http://secunia.com/advisories/31474
secalert@redhat.com	http://secunia.com/advisories/31477
secalert@redhat.com	http://secunia.com/advisories/31485	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31500	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31530
secalert@redhat.com	http://secunia.com/advisories/32231
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200808-12.xml
secalert@redhat.com	http://securityreason.com/securityalert/4160
secalert@redhat.com	http://wiki.rpath.com/Advisories:rPSA-2008-0259
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1629
secalert@redhat.com	http://www.kb.cert.org/vuls/id/938323	US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:171
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0839.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/495474/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/495632/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/495882/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/30691	Patch
secalert@redhat.com	http://www.securitytracker.com/id?1020700
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/2385
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/44460
secalert@redhat.com	https://issues.rpath.com/browse/RPL-2689
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033
secalert@redhat.com	https://usn.ubuntu.com/636-1/
secalert@redhat.com	https://www.exploit-db.com/exploits/6337
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY
af854a3a-2127-422b-91ae-364da2661108	http://article.gmane.org/gmane.mail.postfix.announce/110
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31469
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31474
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31477
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31485	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31500	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31530
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32231
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200808-12.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/4160
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/Advisories:rPSA-2008-0259
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1629
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/938323	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:171
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0839.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495474/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495632/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495882/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30691	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020700
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2385
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44460
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-2689
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/636-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/6337
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html

Impacted products

Vendor	Product	Version
postfix	postfix	2.3.0
postfix	postfix	2.3.1
postfix	postfix	2.3.2
postfix	postfix	2.3.3
postfix	postfix	2.3.4
postfix	postfix	2.3.5
postfix	postfix	2.3.6
postfix	postfix	2.3.7
postfix	postfix	2.3.8
postfix	postfix	2.3.9
postfix	postfix	2.3.10
postfix	postfix	2.3.11
postfix	postfix	2.3.12
postfix	postfix	2.3.13
postfix	postfix	2.3.14
postfix	postfix	2.4.0
postfix	postfix	2.4.1
postfix	postfix	2.4.2
postfix	postfix	2.4.3
postfix	postfix	2.4.4
postfix	postfix	2.4.5
postfix	postfix	2.4.6
postfix	postfix	2.4.7
postfix	postfix	2.5.0
postfix	postfix	2.5.1
postfix	postfix	2.5.2
postfix	postfix	2.5.3
postfix	postfix	2.6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08A3C19-AEB6-4E0C-A41D-01024DC0A25D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE8A81E-3856-4908-B7B7-9CF511CA2A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B935272-1EC7-4C70-8299-9DC7594809EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1647690F-D015-4DC4-9FB7-F5E9F0C430D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A814997B-A612-493F-AA85-BA5A187A91FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "449E9764-54F4-46F9-9E4D-F2C96EC5F37E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF4A15A5-0994-4A3B-B4CD-1C5D9F411FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3FB858-1B20-450B-9181-A1FE1C2B9DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BBD449-6F03-4EFE-8C87-B5014F0381F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBD42EA-B31E-4E37-BF28-FEBB18369A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B92BCC42-6E9F-44CB-A755-004B6DBD9D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67A4AE-2C1C-49D6-9F53-05CAB51273E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A64D948-9441-492F-B9E5-DE5D5A3D7266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D7BCB67-AF9E-4343-827B-D783C71BAF46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "265AD494-E5EB-423B-9C20-62BCB1C3B9B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2138A68-3F3D-4C7E-9FEB-2C8A445F2789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED5E0EB5-ECC6-4573-9EA7-83E5741DA3CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "790C02A8-95DD-42BE-8A1C-1C6D6DDCC443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A0034F2-585D-4A98-8428-996A726712DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B162B5-DEF5-46AD-87D1-734B3B637D46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3730A-0FFD-4C23-B758-BBA67CC9CD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E8E5E2-5674-40D5-AD86-8C4DDB442EE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "690EDC73-47B5-4891-86A5-37B6ED80E145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA31260C-1C67-4E76-9F56-2359BFA0B197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F1FC50-B6EB-48FD-A2FA-B8BEB05719DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DE90BD-B5F9-4762-B086-130AB04F3CB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD5258B-C9DE-47BD-9172-27618F220201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postfix:postfix:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B3F710-13EF-4A36-B191-E0FCC1D98E23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.  NOTE: this can be leveraged to gain privileges if there is a symlink to an init script."
    },
    {
      "lang": "es",
      "value": "Postfix antes de 2.3.15, 2.4 anterior a 2.4.8, 2.5 anterior a 2.5.4 y 2.6 antes de 2.6-20080814, cuando el sistema operativo admite enlaces duros (hard links) a enlaces simb\u00f3licos, permite a usuarios locales a\u00f1adir mensajes de correo a un archivo al que apunta un enlace simb\u00f3lico propiedad de root, creando un enlace duro a este enlace simb\u00f3lico y enviando un mensaje despu\u00e9s. NOTA: esto puede ser utilizado para obtener privilegios si hay un enlace simb\u00f3lico a un script init."
    }
  ],
  "evaluatorComment": "Please refer to the following links for additional version information (vendor release notes):\r\n\r\n\r\nPostfix 2.3 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.3.15.RELEASE_NOTES\r\n\r\nPostfix 2.4 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.4.8.RELEASE_NOTES\r\n\r\nPostfix 2.5 - ftp://mirrors.loonybin.net/pub/postfix/official/postfix-2.5.4.RELEASE_NOTES\r\n\r\nPostfix 2.6 - ftp://mirrors.loonybin.net/pub/postfix/experimental/postfix-2.6-20080814.RELEASE_NOTES",
  "id": "CVE-2008-2936",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-18T19:41:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31469"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31474"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31477"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31485"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31500"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31530"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32231"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/4160"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1629"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/938323"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/30691"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020700"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/2385"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2689"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/636-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.exploit-db.com/exploits/6337"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://article.gmane.org/gmane.mail.postfix.announce/110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200808-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4160"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/938323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0839.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495474/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495632/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495882/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/30691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/636-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2936 (GCVE-0-2008-2936)

GHSA-8739-VXJM-M9P4

CERTA-2008-AVI-420

Description

Solution

CERTA-2008-AVI-420

Description

Solution

GSD-2008-2936

RHSA-2008_0839

RHSA-2008:0839

FKIE_CVE-2008-2936

Tags

Sightings

Nomenclature